Trying to open a website which has CSP(Content Security Policy) sent with directive "frame-ancestors" set as https://xyz.site

[sandy0096]

Complete error is the following:

Refused to frame 'https://website.com' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://websiteA https://websiteB https://websiteC http://MoreWebsite.

This works on Android Webview, guessing it has Android's NativeWebView implementation and web-webview uses iframe to implement the same.

Getting this on Google Chrome, for Firefox it's forcing to open it on a new tab and then working OK.

Any ideas how to overcome this or any possible workarounds?

Edit1: Not using any injects, tried originWhitelist.

[malikzype]

You can use expo web browser to resolve the issue.

[sandy0096]

Thanks, In a shell, expo web browser is using ChromeCustomTab for android, but I want it for a web browser like a native web browser and not embedded in android.